Towards a threat model for mobile ad-hoc networks

The increasing number of mobile devices enabled by wireless communication significantly change security issues and challenge threat modeling research in many ways. Particularly because of the vulnerability of wireless communication channels in addition to the insecure and lacking infrastructure, Mobile Ad-Hoc Networks (MANETs) require an adjusted Threat Model in contrast to the Threat Model faced when dealing with traditional networks. Moreover, mobility implicates ad-hoc routing methods to send data in an open wireless medium and facilitates adversaries in performing various attacks threatening the MANET's security. For this purpose threat modeling is employed to understand the adversary's view, to characterize the security of the system, and to identify the system's threats. In this paper we summarize and discuss protection challenges unique to Mobile Ad-Hoc Networks. We alter the Threat Model Process to Mobile Wireless Ad-Hoc Networks settings based on traditional security principles: Confidentiality, Integrity, Availability, Authentication, and Anonymity (CIAAA).

[1]  Xiaoyan Hong,et al.  Mobility changes anonymity: new passive threats in mobile ad hoc networks , 2006, Wirel. Commun. Mob. Comput..

[2]  Derek Atkins,et al.  Threat Analysis of the Domain Name System (DNS) , 2004, RFC.

[3]  L. Ertaul,et al.  Security of ad hoc networks and threshold cryptography , 2005, 2005 International Conference on Wireless Networks, Communications and Mobile Computing.

[4]  Gene Tsudik,et al.  Flooding for reliable multicast in multi-hop ad hoc networks , 1999, DIALM '99.

[5]  William Yurcik,et al.  Threat Modeling as a Basis for Security Requirements , 2005 .

[6]  Yih-Chun Hu Packet Leashes : A Defense against Wormhole Attacks in Wireless Ad Hoc Networks , 2001 .

[7]  Sadie Creese,et al.  The attacker in ubiquitous computing environments: formalising the threat model , 2003 .

[8]  Rafail Ostrovsky,et al.  How to withstand mobile virus attacks (extended abstract) , 1991, PODC '91.

[9]  Danny Dolev,et al.  On the security of public key protocols , 1981, 22nd Annual Symposium on Foundations of Computer Science (sfcs 1981).

[10]  William Yurcik,et al.  Toward a threat model for storage systems , 2005, StorageSS '05.

[11]  Frank Swiderski,et al.  Threat Modeling , 2018, Hacking Connected Cars.